|Publication number||US7890315 B2|
|Application number||US 11/382,861|
|Publication date||Feb 15, 2011|
|Filing date||May 11, 2006|
|Priority date||Dec 29, 2005|
|Also published as||US20070156375|
|Publication number||11382861, 382861, US 7890315 B2, US 7890315B2, US-B2-7890315, US7890315 B2, US7890315B2|
|Inventors||John D. Meier, Srinath Vasireddy|
|Original Assignee||Microsoft Corporation|
|Export Citation||BiBTeX, EndNote, RefMan|
|Patent Citations (103), Non-Patent Citations (75), Referenced by (6), Classifications (9), Legal Events (4)|
|External Links: USPTO, USPTO Assignment, Espacenet|
This application is a Continuation-in-Part of pending U.S. patent application Ser. No. 11/321,818 entitled “PERFORMANCE MODELING AND THE APPLICATION LIFE CYCLE” and filed Dec. 29, 2005. The entirety of the above-noted application is incorporated by reference herein.
Analysis of software systems has proven to be extremely useful to development requirements and to the design of systems. As such, it can be particularly advantageous to incorporate performance analysis into the software development life cycle from the beginning stage of design. Recently, there has been a growing trend to incorporate performance analysis into the software specification. However, these conventional systems lack accuracy and ease of implementation.
Today, when developing an application, it is oftentimes difficult to predict how the application will react under real-world conditions. In other words, it is difficult to predict the performance of an application prior to and during development and/or before completion. Frequently, upon completion, a developer will have to modify the application in order to adhere to real-world conditions. This modification can consume many hours of programming time and delay application deployment—each of which is very expensive.
By way of example, it is often difficult for a programmer to predict operational performance of an application without knowing specific operating environment criterion. In one example, applications often react differently if utilized by a single user as when utilized by a multitude of users. More particularly, the response time of an application is most often decreased upon a multi-user load as opposed to a single user load. Similarly, processor performance reacts differently upon different operating conditions. These and other criteria greatly affect the performance of an application.
While many of these criterions can be estimated with some crude level of certainty, others cannot. For those criterions that can be estimated prior to development, this estimate most often requires a great amount of research and guesswork in order to most accurately determine the criterion. The conventional guesswork approach of performance prediction is not based upon any founded benchmark. As well, these conventional approaches are not systematic in any way. In other words, conventional systems do not enable repetitive testing and/or validation when accessing performance within the application life cycle.
In accordance with traditional application life cycle development, it is currently not possible to proactively (and accurately) address performance issues from the beginning to the end of the life cycle. To the contrary, developers often find themselves addressing performance issues after the fact—after development is complete. This retroactive performance modeling approach is extremely costly and time consuming to the application life cycle.
The following presents a simplified summary of the innovation in order to provide a basic understanding of some aspects of the innovation. This summary is not an extensive overview of the innovation. It is not intended to identify key/critical elements of the innovation or to delineate the scope of the innovation. Its sole purpose is to present some concepts of the innovation in a simplified form as a prelude to the more detailed description that is presented later.
The innovation disclosed and claimed herein, in one aspect thereof, comprises a novel approach to performance engineering that leverages expertise to enable a user to design, build and deploy applications that adhere to performance objectives. In doing so, the innovation discloses novel techniques and mechanisms to integrate performance into the application development lifecycle and to adapt current software engineering practices and methodologies to include specific performance related activities. In one aspect, these activities include identifying performance objectives, creating performance models, applying performance design guidelines, patterns and principles, conducting performance design inspections, performing regular performance code inspections, testing for performance, and conducting performance deployment inspections to ensure adherence to performance goals.
The innovation enables performance to be baked into the application lifecycle. In order to be effective, upfront performance design evaluated against a defined set of performance objectives is often required. The subject innovation discloses novel features, techniques, mechanisms and activities for upfront performance design.
In accordance with the innovation, the performance related activities start early and can continue throughout the lifecycle, many in parallel with one another. The performance objectives can be considered alongside other critical business objectives. Application specific performance objectives can be identified and documented early during requirements and analysis and can be balanced along side other quality of service requirements such as security, availability and reliability.
To the accomplishment of the foregoing and related ends, certain illustrative aspects of the innovation are described herein in connection with the following description and the annexed drawings. These aspects are indicative, however, of but a few of the various ways in which the principles of the innovation can be employed and the subject innovation is intended to include all such aspects and their equivalents. Other advantages and novel features of the innovation will become apparent from the following detailed description of the innovation when considered in conjunction with the drawings.
The following terms are used throughout the description, the definitions of which are provided herein to assist in understanding various aspects of the subject innovation.
A “Threat” is an undesired event. A potential occurrence, often best described as an effect that might damage or compromise an asset or objective. It may or may not be malicious in nature.
A “Vulnerability” is a weakness in some aspect or feature of a system that makes an exploit possible. Vulnerabilities can exist at the network, host, or application levels and include operational practices.
An “Attack” is an action taken that uses one or more vulnerabilities to realize a threat This could be someone following through on a threat or exploiting a vulnerability.
A “Countermeasure” addresses vulnerabilities to reduce the probability of attacks or the impacts of threats. Countermeasures do not directly address threats; instead, they address the factors that define the threats. Countermeasures range from improving application design, or improving code, to improving an operational practice.
The innovation is now described with reference to the drawings, wherein like reference numerals are used to refer to like elements throughout. In the following description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the subject innovation. It may be evident, however, that the innovation can be practiced without these specific details. In other instances, well-known structures and devices are shown in block diagram form in order to facilitate describing the innovation.
As used in this application, the terms “component” and “system” are intended to refer to a computer-related entity, either hardware, a combination of hardware and software, software, or software in execution. For example, a component can be, but is not limited to being, a process running on a processor, a processor, an object, an executable, a thread of execution, a program, and/or a computer. By way of illustration, both an application running on a server and the server can be a component. One or more components can reside within a process and/or thread of execution, and a component can be localized on one computer and/or distributed between two or more computers.
As used herein, the term to “infer” or “inference” refer generally to the process of reasoning about or inferring states of the system, environment, and/or user from a set of observations as captured via events and/or data. Inference can be employed to identify a specific context or action, or can generate a probability distribution over states, for example. The inference can be probabilistic—that is, the computation of a probability distribution over states of interest based on a consideration of data and events. Inference can also refer to techniques employed for composing higher-level events from a set of events and/or data. Such inference results in the construction of new events or actions from a set of observed events and/or stored event data, whether or not the events are correlated in close temporal proximity, and whether the events and data come from one or several event and data sources.
Referring initially to the drawings,
In one particular aspect, the performance engineering component 104 can include specific performance related activities 106. By way of example, the activities 106 can include identifying performance objectives, establishing design guidelines, performance modeling, performance design inspection, performance code inspection, performance testing, performance deployment inspection and capacity planning. Each of these performance engineering activities will be described in greater detail with reference to the figures that follow.
In general, the innovation discloses a novel patterns & practices approach to performance engineering. To design, build, and deploy optimized applications, a developer can employ the performance integration component 102 to proactively incorporate performance into the application development life cycle by including specific performance-related activities (e.g., 106) in the current software engineering processes. As stated above, the performance-related activities 106 can include identifying performance objectives, establishing design guidelines, performance modeling, performance design inspection, performance code inspection, performance testing, performance deployment inspection and capacity planning. The developer or user can adopt these activities 106 incrementally as desired. The combination of these activities 106 can provide tools, guidance, and workflow to help make performance awareness an integral part of the development experience.
In accordance with aspects of the innovation, performance objectives can be defined early in the development process. Performance objectives can be goals related to a variety of categories including, but not limited to, response time, throughput, resource utilization, workload, etc. Performance modeling facilitates understanding and prioritization of the performance issues relevant to a specific application scenario. The innovation discloses proven practices, patterns and principles that can assist in avoiding many performance issues introduced by poor design choices. By organizing these design patterns and practices into novel categories, the user can focus on those key areas where performance issues are often overlooked or mistakes are made.
In another aspect, the innovation discloses an architecture and design inspection process that analyzes the application architecture and design from a performance perspective. By way of example, the innovation considers a number of aspects including layers and tiers inspection, logical partitioning and boundaries related to a target deployment environment and the application life cycle.
All code should be subject to code inspections where the emphasis is on performance. This should be a continual activity during the development phase of the lifecycle. With respect to performance testing, in one aspect, load testing, stress testing and capacity testing can be employed. By using these specific activities for performance engineering, the user can leverage performance related expertise into the application life cycle by knowing where to start, how to proceed, and when the process is complete.
As illustrated in
The system 100 can provide at least the following novel features. The system 100 can provide end-to-end guidance on building software applications that meet specified and/or defined performance objectives throughout the application life cycle. As will be described in further detail infra, the guidance can use a novel performance frame which is a pattern-based information model that defines a set of performance-related categories specifically for the application type being designed. These categories can represent areas such as, coupling and cohesion, resource management, communication, caching, state management, concurrency, data structures/algorithms, etc.,
The novel principles & practices mechanisms of the subject innovation serve as a foundation for performance guidance and provide a stable basis for performance-related recommendations. With respect to processes and activities, the guidance provides steps for key activities including performance modeling, performance architecture and design inspections, performance code inspections and performance deployment inspections. Although specific performance-related activities are described herein, it is to be understood that each module or activity within the guidance is designed to be read independently.
In summary, the patterns & practices approach to performance engineering focuses on integrating performance into the life cycle through the adoption of a set of key performance activities 106. As will be described below, the specific activities 106 that make up the performance engineering discipline can include defining performance objectives, applying design guidelines for performance, creating performance models, conducting architecture and design inspections for performance, completing code inspections for performance, and performing deployment inspections for performance. While these specific performance activities 106 are described herein, it is to be understood that additional and/or disparate activities can be incorporated without departing from the spirit and scope of the innovation. As such, these additional performance-related activities are to be included within the scope of this disclosure and claims appended hereto. A user can adopt these activities incrementally as desired.
As illustrated in
Performance objectives can be identified at 204. In doing so, an understanding can be made early with respect to the performance objectives that correspond to an application. These objectives can play a critical role in shaping performance modeling, code reviews, testing and deployment review. A performance-related activity (e.g., 106 of
As shown by the determination block at 208, an iterative approach can be employed to perform multiple activities. For example, some activities, such as code review performance modeling and performance testing could be performed multiple times during the development process to maximize application performance.
As shown in
Knowledge of performance objectives is essential to the success of all other performance-related activities. An aspect of the innovation proposes definition of performance objectives and requirements early in the process. Performance objectives can be related to response time, throughput, resource utilization, workload, etc.
As illustrated by the overlap in
It is to be understood that it is possible to incrementally adopt the key performance activities in retrospect. The activities that should be adopted first will depend on the performance objectives identified, as well as any outstanding problems of the process or application. For most organizations, particularly good results will come from adopting the activities in the following order:
The patterns & practices approach to performance engineering focuses on integrating performance into the application development life cycle through the adoption of a limited set of key performance activities. It uses a pattern-based information model in the form of a set of performance categories to help systematically focus efforts on areas where performance issues are most likely encountered. The most common specific activities that make up the performance engineering discipline include defining performance objectives, applying design guidelines for performance, creating performance models, conducting architecture and design inspections for performance, completing code inspections for performance, and performing deployment inspections for performance.
Turning now to
Performance objectives should ideally be identified in the requirements and analysis phase. If the objectives for the application are not known, then it is difficult to be successful with any other performance activity. Generally, performance objectives are used to:
In each activity, the performance objectives can be used to help focus on the highest value areas while avoiding issues that will not affect the application.
Identifying performance objectives is an iterative process that is initially driven by an examination of the application's requirements and usage scenarios. By the end of the requirements and analysis phase, the user should have a first set of objectives that are not yet tied to design or implementation details. During the design phase, additional objectives will surface that are specific to the application architecture and design. During the implementation phase, the user may discover a few additional objectives based upon specific technology or implementation choices that have an impact on overall application performance. Each evolution of the performance objectives can affect other performance activities. The user should review the performance model, architecture and design review guidelines, and general code review guidelines when the performance objectives change.
As illustrated in
The performance frame 602 is a pattern-based information model that defines a set of performance-related categories specifically for the application type being designed. These categories can represent areas where performance issues are most frequently encountered. Patterns & practices performance guidance includes context-specific performance frames (e.g., 602) for each major application type.
Design guidelines are organized by the common application performance categories contained in the performance frame 602. For example, as illustrated in
Coupling and cohesion
Loose coupling and high cohesion
Transport mechanism, boundaries, remote
interface design, round trips, serialization,
Transactions, locks, threading, queuing
Allocating, creating, destroying, pooling
Per user, application-wide, data volatility
Per user, application-wide, persistence,
Data structures and
Choice of algorithm
Arrays versus collections
The categories in the frame can represent a prioritized set of technology-agnostic common denominators that are pervasive across applications. The categories can be employed to build evaluation criteria where performance and scalability decisions can have a large impact.
As stated earlier, the preceding example included a discussion of novel performance-related activities in accordance with an aspect of the subject innovation. Referring again to
Performance-specific aspects of the overall engineering model are identified by the dashed line in
As illustrated in
At 806, performance objectives can be identified. For example, performance objectives for each of the key scenarios can be identified. In one particular aspect, performance objectives can reflect specific business requirements.
A budget, limitation and/or constraint can be identified at 808. In one particular example, this act can include the maximum execution time in which an operation is to be completed. In another example, this act can include an identification of resource utilization constraints, such as CPU, memory, disk I/O, network I/O, etc.
At 810, processing steps in accordance with each of the key scenarios can be identified. In other words, key scenarios can be parsed into disparate component processing steps. The budget can be allocated at 812. In this act, the total budget determined in act 808 can be allocated across the processing steps established in act 810. More particularly, this allocation can be made in order to meet the performance objectives set forth in act 806.
Once the budget is allocated at 812, the design can be evaluated at 814. In other words, the design can be evaluated against the pre-defined objectives and/or budget. It may be necessary to modify the design or spread response time and resource utilization budget differently to meet the performance objectives.
The model can be validated at 816—by way of example, the pre-defined examples can be validated at 816. As will be better understood upon a review of the figures and/or methodologies that follow, this validation act can be an ongoing activity throughout the application life cycle. As well, the validation of 816 can include prototyping, assessing, and measuring in accordance with objectives and/or budget.
With respect to the performance design inspection,
At 904, performance and scalability frame can be addressed. Here it is particularly important to pay attention to the design approaches adopted for those areas that most commonly exhibit performance bottlenecks. These areas will be understood by those skilled in the art.
Additionally, at 906, a layer by layer analysis of the application can be effected. In this phase, a walk through of the logical layers of the application can be completed. Accordingly, performance characteristics of the various technologies employed within each layer can be examined.
Metrics can be identified at 1006 in accordance with the load testing methodology. In accordance therewith, metrics can be identified that represent desired performance criterion when conducting the test. At 1008, test cases can be created whereby steps for conducting a single test along with the expected results can be defined.
The load can be simulated in accordance with the test cases at 1010. In this act, the resulting metric data can be captured. Finally, the results can be analyzed at 1012. More particularly, the metric data captured during the test can be analyzed. It will be appreciated that similar acts can be performed in connection with stress testing. These acts will be understood by those skilled in the art and are to be included within the scope of this disclosure and claims appended hereto.
Turning now to
At 1104, the load and capture metrics can be simulated in order to gather information with respect to the application. In the analysis phase, 1106, performance issues and/or bottlenecks can be identified. It will be appreciated that the information gathered at 1104 can be employed to analyze the results.
In the configure phase of 1108, the application setup can be tuned by applying new system platform and/or application configuration settings. Finally, at 1110, tests and additional measurements can be effected in order to verify that configuration changes have been beneficial.
As illustrated in
A classifier is a function that maps an input attribute vector, x=(x1, x2, x3, x4, xn), to a confidence that the input belongs to a class, that is, f(x)=confidence (class). Such classification can employ a probabilistic and/or statistical-based analysis (e.g., factoring into the analysis utilities and costs) to prognosis or infer an action that a user desires to be automatically performed.
A support vector machine (SVM) is an example of a classifier that can be employed. The SVM operates by finding a hypersurface in the space of possible inputs, which the hypersurface attempts to split the triggering criteria from the non-triggering events. Intuitively, this makes the classification correct for testing data that is near, but not identical to training data. Other directed and undirected model classification approaches include, e.g., na´ve Bayes, Bayesian networks, decision trees, neural networks, fuzzy logic models, and probabilistic classification models providing different patterns of independence can be employed. Classification as used herein also is inclusive of statistical regression that is utilized to develop models of priority.
As will be readily appreciated from the subject specification, the subject innovation can employ classifiers that are explicitly trained (e.g., via a generic training data) as well as implicitly trained (e.g., via observing user behavior, receiving extrinsic information). For example, SVM's are configured via a learning or training phase within a classifier constructor and feature selection module. Thus, the classifier(s) can be used to automatically learn and perform a number of functions, including but not limited to determining according to a predetermined criteria an appropriate set of baseline objectives as well as acceptable thresholds associated therewith.
Referring now to
Generally, program modules include routines, programs, components, data structures, etc., that perform particular tasks or implement particular abstract data types. Moreover, those skilled in the art will appreciate that the inventive methods can be practiced with other computer system configurations, including single-processor or multiprocessor computer systems, minicomputers, mainframe computers, as well as personal computers, hand-held computing devices, microprocessor-based or programmable consumer electronics, and the like, each of which can be operatively coupled to one or more associated devices.
The illustrated aspects of the innovation may also be practiced in distributed computing environments where certain tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules can be located in both local and remote memory storage devices.
A computer typically includes a variety of computer-readable media. Computer-readable media can be any available media that can be accessed by the computer and includes both volatile and nonvolatile media, removable and non-removable media. By way of example, and not limitation, computer-readable media can comprise computer storage media and communication media. Computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer-readable instructions, data structures, program modules or other data. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disk (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by the computer.
Communication media typically embodies computer-readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism, and includes any information delivery media. The term “modulated data signal” means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared and other wireless media. Combinations of the any of the above should also be included within the scope of computer-readable media.
With reference again to
The system bus 1308 can be any of several types of bus structure that may further interconnect to a memory bus (with or without a memory controller), a peripheral bus, and a local bus using any of a variety of commercially available bus architectures. The system memory 1306 includes read-only memory (ROM) 1310 and random access memory (RAM) 1312. A basic input/output system (BIOS) is stored in a non-volatile memory 1310 such as ROM, EPROM, EEPROM, which BIOS contains the basic routines that help to transfer information between elements within the computer 1302, such as during start-up. The RAM 1312 can also include a high-speed RAM such as static RAM for caching data.
The computer 1302 further includes an internal hard disk drive (HDD) 1314 (e.g., EIDE, SATA), which internal hard disk drive 1314 may also be configured for external use in a suitable chassis (not shown), a magnetic floppy disk drive (FDD) 1316, (e.g., to read from or write to a removable diskette 1318) and an optical disk drive 1320, (e.g., reading a CD-ROM disk 1322 or, to read from or write to other high capacity optical media such as the DVD). The hard disk drive 1314, magnetic disk drive 1316 and optical disk drive 1320 can be connected to the system bus 1308 by a hard disk drive interface 1324, a magnetic disk drive interface 1326 and an optical drive interface 1328, respectively. The interface 1324 for external drive implementations includes at least one or both of Universal Serial Bus (USB) and IEEE 1394 interface technologies. Other external drive connection technologies are within contemplation of the subject innovation.
The drives and their associated computer-readable media provide nonvolatile storage of data, data structures, computer-executable instructions, and so forth. For the computer 1302, the drives and media accommodate the storage of any data in a suitable digital format. Although the description of computer-readable media above refers to a HDD, a removable magnetic diskette, and a removable optical media such as a CD or DVD, it should be appreciated by those skilled in the art that other types of media which are readable by a computer, such as zip drives, magnetic cassettes, flash memory cards, cartridges, and the like, may also be used in the exemplary operating environment, and further, that any such media may contain computer-executable instructions for performing the methods of the innovation.
A number of program modules can be stored in the drives and RAM 1312, including an operating system 1330, one or more application programs 1332, other program modules 1334 and program data 1336. All or portions of the operating system, applications, modules, and/or data can also be cached in the RAM 1312. It is appreciated that the innovation can be implemented with various commercially available operating systems or combinations of operating systems.
A user can enter commands and information into the computer 1302 through one or more wired/wireless input devices, e.g., a keyboard 1338 and a pointing device, such as a mouse 1340. Other input devices (not shown) may include a microphone, an IR remote control, a joystick, a game pad, a stylus pen, touch screen, or the like. These and other input devices are often connected to the processing unit 1304 through an input device interface 1342 that is coupled to the system bus 1308, but can be connected by other interfaces, such as a parallel port, an IEEE 1394 serial port, a game port, a USB port, an IR interface, etc.
A monitor 1344 or other type of display device is also connected to the system bus 1308 via an interface, such as a video adapter 1346. In addition to the monitor 1344, a computer typically includes other peripheral output devices (not shown), such as speakers, printers, etc.
The computer 1302 may operate in a networked environment using logical connections via wired and/or wireless communications to one or more remote computers, such as a remote computer(s) 1348. The remote computer(s) 1348 can be a workstation, a server computer, a router, a personal computer, portable computer, microprocessor-based entertainment appliance, a peer device or other common network node, and typically includes many or all of the elements described relative to the computer 1302, although, for purposes of brevity, only a memory/storage device 1350 is illustrated. The logical connections depicted include wired/wireless connectivity to a local area network (LAN) 1352 and/or larger networks, e.g., a wide area network (WAN) 1354. Such LAN and WAN networking environments are commonplace in offices and companies, and facilitate enterprise-wide computer networks, such as intranets, all of which may connect to a global communications network, e.g., the Internet.
When used in a LAN networking environment, the computer 1302 is connected to the local network 1352 through a wired and/or wireless communication network interface or adapter 1356. The adapter 1356 may facilitate wired or wireless communication to the LAN 1352, which may also include a wireless access point disposed thereon for communicating with the wireless adapter 1356.
When used in a WAN networking environment, the computer 1302 can include a modem 1358, or is connected to a communications server on the WAN 1354, or has other means for establishing communications over the WAN 1354, such as by way of the Internet. The modem 1358, which can be internal or external and a wired or wireless device, is connected to the system bus 1308 via the serial port interface 1342. In a networked environment, program modules depicted relative to the computer 1302, or portions thereof, can be stored in the remote memory/storage device 1350. It will be appreciated that the network connections shown are exemplary and other means of establishing a communications link between the computers can be used.
The computer 1302 is operable to communicate with any wireless devices or entities operatively disposed in wireless communication, e.g., a printer, scanner, desktop and/or portable computer, portable data assistant, communications satellite, any piece of equipment or location associated with a wirelessly detectable tag (e.g., a kiosk, news stand, restroom), and telephone. This includes at least Wi-Fi and Bluetooth™ wireless technologies. Thus, the communication can be a predefined structure as with a conventional network or simply an ad hoc communication between at least two devices.
Wi-Fi, or Wireless Fidelity, allows connection to the Internet from a couch at home, a bed in a hotel room, or a conference room at work, without wires. Wi-Fi is a wireless technology similar to that used in a cell phone that enables such devices, e.g., computers, to send and receive data indoors and out; anywhere within the range of a base station. Wi-Fi networks use radio technologies called IEEE 802.11 (a, b, g, etc.) to provide secure, reliable, fast wireless connectivity. A Wi-Fi network can be used to connect computers to each other, to the Internet, and to wired networks (which use IEEE 802.3 or Ethernet). Wi-Fi networks operate in the unlicensed 2.4 and 5 GHz radio bands, at an 11 Mbps (802.11a) or 54 Mbps (802.11b) data rate, for example, or with products that contain both bands (dual band), so the networks can provide real-world performance similar to the basic 10BaseT wired Ethernet networks used in many offices.
Referring now to
The system 1400 also includes one or more server(s) 1404. The server(s) 1404 can also be hardware and/or software (e.g., threads, processes, computing devices). The servers 1404 can house threads to perform transformations by employing the innovation, for example. One possible communication between a client 1402 and a server 1404 can be in the form of a data packet adapted to be transmitted between two or more computer processes. The data packet may include a cookie and/or associated contextual information, for example. The system 1400 includes a communication framework 1406 (e.g., a global communication network such as the Internet) that can be employed to facilitate communications between the client(s) 1402 and the server(s) 1404.
Communications can be facilitated via a wired (including optical fiber) and/or wireless technology. The client(s) 1402 are operatively connected to one or more client data store(s) 1408 that can be employed to store information local to the client(s) 1402 (e.g., cookie(s) and/or associated contextual information). Similarly, the server(s) 1404 are operatively connected to one or more server data store(s) 1410 that can be employed to store information local to the servers 1404.
What has been described above includes examples of the innovation. It is, of course, not possible to describe every conceivable combination of components or methodologies for purposes of describing the subject innovation, but one of ordinary skill in the art may recognize that many further combinations and permutations of the innovation are possible. Accordingly, the innovation is intended to embrace all such alterations, modifications and variations that fall within the spirit and scope of the appended claims. Furthermore, to the extent that the term “includes” is used in either the detailed description or the claims, such term is intended to be inclusive in a manner similar to the term “comprising” as “comprising” is interpreted when employed as a transitional word in a claim.
|Cited Patent||Filing date||Publication date||Applicant||Title|
|US5107499||Apr 30, 1990||Apr 21, 1992||At&T Bell Laboratories||Arrangement for automated troubleshooting using selective advice and a learning knowledge base|
|US5446680||Jul 13, 1994||Aug 29, 1995||Ibm Business Machines Corporation||System and method for obtaining network performance data|
|US5751949||May 23, 1995||May 12, 1998||Mci Corporation||Data security system and method|
|US5812780||May 24, 1996||Sep 22, 1998||Microsoft Corporation||Method, system, and product for assessing a server application performance|
|US6067412||Aug 17, 1995||May 23, 2000||Microsoft Corporation||Automatic bottleneck detection by means of workload reconstruction from performance measurements|
|US6167521||Aug 29, 1997||Dec 26, 2000||International Business Machines Corporation||Securely downloading and executing code from mutually suspicious authorities|
|US6209101||Jul 17, 1998||Mar 27, 2001||Secure Computing Corporation||Adaptive security system having a hierarchy of security servers|
|US6256773||Aug 31, 1999||Jul 3, 2001||Accenture Llp||System, method and article of manufacture for configuration management in a development architecture framework|
|US6377994||Apr 15, 1996||Apr 23, 2002||International Business Machines Corporation||Method and apparatus for controlling server access to a resource in a client/server system|
|US6408391||May 6, 1998||Jun 18, 2002||Prc Inc.||Dynamic system defense for information warfare|
|US6457040||Jan 15, 1999||Sep 24, 2002||Kabushiki Kaisha Toshiba||Method and system for a distributed network computing system for providing application services|
|US6584569||Mar 5, 2001||Jun 24, 2003||Sanctum Ltd.||System for determining web application vulnerabilities|
|US6609100||Mar 7, 1997||Aug 19, 2003||Lockhead Martin Corporation||Program planning management system|
|US6631473||Mar 26, 2002||Oct 7, 2003||Sun Microsystems, Inc.||Adaptive countermeasure selection method and apparatus|
|US6643775||Nov 20, 1998||Nov 4, 2003||Jamama, Llc||Use of code obfuscation to inhibit generation of non-use-restricted versions of copy protected software applications|
|US6668325||Jun 9, 1998||Dec 23, 2003||Intertrust Technologies||Obfuscation techniques for enhancing software security|
|US6742143||Sep 12, 2002||May 25, 2004||Microsoft Corporation||Method and apparatus for analyzing performance of data processing system|
|US6782425||Nov 24, 1999||Aug 24, 2004||Unisys Corporation||Session based security profile for internet access of an enterprise server|
|US6816886||Jun 21, 2002||Nov 9, 2004||Microsoft Corporation||Measuring performance metrics of networked computing entities|
|US6836845||Jun 30, 2000||Dec 28, 2004||Palm Source, Inc.||Method and apparatus for generating queries for secure authentication and authorization of transactions|
|US6850985||Mar 1, 2000||Feb 1, 2005||Microsoft Corporation||Security and support for flexible conferencing topologies spanning proxies, firewalls and gateways|
|US6912502||Dec 30, 1999||Jun 28, 2005||Genworth Financial, Inc.,||System and method for compliance management|
|US6915454||Jun 12, 2001||Jul 5, 2005||Microsoft Corporation||Web controls validation|
|US6959393||Apr 29, 2003||Oct 25, 2005||Threat Guard, Inc.||System and method for secure message-oriented network communications|
|US6971026||Jul 27, 2000||Nov 29, 2005||Hitachi, Ltd.||Method and apparatus for evaluating security and method and apparatus for supporting the making of security countermeasure|
|US6980927||Nov 27, 2002||Dec 27, 2005||Telos Corporation||Enhanced system, method and medium for certifying and accrediting requirements compliance utilizing continuous risk assessment|
|US6981281||Jun 21, 2000||Dec 27, 2005||Microsoft Corporation||Filtering a permission set using permission requests associated with a code assembly|
|US6985946||May 12, 2000||Jan 10, 2006||Microsoft Corporation||Authentication and authorization pipeline architecture for use in a web server|
|US6993448||Apr 2, 2001||Jan 31, 2006||Telos Corporation||System, method and medium for certifying and accrediting requirements compliance|
|US6996845||Nov 28, 2000||Feb 7, 2006||S.P.I. Dynamics Incorporated||Internet security analysis system and process|
|US7000219||Nov 5, 2001||Feb 14, 2006||Wilde Technologies Limited||Software development process|
|US7013395||Mar 13, 2001||Mar 14, 2006||Sandra Corporation||Method and tool for network vulnerability analysis|
|US7032114||Aug 30, 2000||Apr 18, 2006||Symantec Corporation||System and method for using signatures to detect computer intrusions|
|US7096502||Feb 8, 2000||Aug 22, 2006||Harris Corporation||System and method for assessing the security posture of a network|
|US7219304||Jun 19, 2000||May 15, 2007||International Business Machines Corporation||System and method for developing and administering web applications and services from a workflow, enterprise, and mail-enabled web application server and platform|
|US7231661||Jun 21, 2001||Jun 12, 2007||Oracle International Corporation||Authorization services with external authentication|
|US7249174||Apr 16, 2003||Jul 24, 2007||Bladelogic, Inc.||Method and system for executing and undoing distributed server change operations|
|US7370359||Mar 2, 2005||May 6, 2008||Solutionary, Inc.||Method and apparatus for verifying the integrity and security of computer networks and implementing counter measures|
|US20020007229||Mar 9, 2001||Jan 17, 2002||Hudson Edison T.||Distributed machine control software architecture|
|US20020078380||Dec 20, 2000||Jun 20, 2002||Jyh-Han Lin||Method for permitting debugging and testing of software on a mobile communication device in a secure environment|
|US20020144128||Mar 28, 2001||Oct 3, 2002||Mahfuzur Rahman||Architecture for secure remote access and transmission using a generalized password scheme with biometric features|
|US20020161903||Apr 30, 2001||Oct 31, 2002||Besaw Lawrence M.||System for secure access to information provided by a web application|
|US20030005326||Jun 29, 2001||Jan 2, 2003||Todd Flemming||Method and system for implementing a security application services provider|
|US20030014644||May 2, 2002||Jan 16, 2003||Burns James E.||Method and system for security policy management|
|US20030033516||Aug 8, 2001||Feb 13, 2003||Michael Howard||Rapid application security threat analysis|
|US20030120938||Nov 21, 2002||Jun 26, 2003||Miki Mullor||Method of securing software against reverse engineering|
|US20030172292||Feb 7, 2003||Sep 11, 2003||Paul Judge||Systems and methods for message threat management|
|US20030217277||May 15, 2002||Nov 20, 2003||Nokia, Inc.||Preventing stack buffer overflow attacks|
|US20030233431||Apr 16, 2003||Dec 18, 2003||Bladelogic, Inc.||Method and system for model-based heterogeneous server configuration management|
|US20030233571||Apr 16, 2003||Dec 18, 2003||Bladelogic, Inc.||Method and system for simplifying distributed server management|
|US20040003286||Jul 1, 2002||Jan 1, 2004||Microsoft Corporation||Distributed threat management|
|US20040103200||Nov 23, 2002||May 27, 2004||Microsoft Corporation||Method and system for improved internet security via HTTP-only cookies|
|US20040139353||Nov 17, 2003||Jul 15, 2004||Forcade Jonathan Brett||Methodology and system for real time information system application intrusion detection|
|US20040205711||Apr 10, 2003||Oct 14, 2004||Ishimitsu Michael Kazuo||System and method for creation of an object within an object hierarchy structure|
|US20040221163||Jan 16, 2004||Nov 4, 2004||Jorgensen Jimi T.||Pervasive, user-centric network security enabled by dynamic datagram switch and an on-demand authentication and encryption scheme through mobile intelligent data carriers|
|US20040230831||May 12, 2003||Nov 18, 2004||Microsoft Corporation||Passive client single sign-on for Web applications|
|US20040260754||Jun 20, 2003||Dec 23, 2004||Erik Olson||Systems and methods for mitigating cross-site scripting|
|US20050004863||Jul 26, 2004||Jan 6, 2005||Havrilak Robert J.||Method for assessing and managing security risk for systems|
|US20050015591||Jun 12, 2003||Jan 20, 2005||International Business Machines Corporation||Multi-level multi-user web services security system and method|
|US20050015752||Jul 15, 2003||Jan 20, 2005||International Business Machines Corporation||Static analysis based error reduction for software applications|
|US20050022003||Jul 1, 2004||Jan 27, 2005||Oliphant Brett M.||Client capture of vulnerability data|
|US20050022021||Jul 22, 2003||Jan 27, 2005||Bardsley Jeffrey S.||Systems, methods and data structures for generating computer-actionable computer security threat management information|
|US20050022172||Jul 22, 2003||Jan 27, 2005||Howard Robert James||Buffer overflow protection and prevention|
|US20050039046||Jul 22, 2003||Feb 17, 2005||Bardsley Jeffrey S.||Systems, methods and computer program products for administration of computer security threat countermeasures to a computer system|
|US20050044405||Sep 28, 2004||Feb 24, 2005||Spraggs Lynn D.||System and method of securing a computer from unauthorized access|
|US20050044418||Jul 26, 2004||Feb 24, 2005||Gary Miliefsky||Proactive network security system to protect against hackers|
|US20050055565||Sep 5, 2003||Mar 10, 2005||Cedric Fournet||Reviewing the security of trusted software components|
|US20050091227||Oct 23, 2003||Apr 28, 2005||Mccollum Raymond W.||Model-based management of computer systems and distributed applications|
|US20050102536||Oct 8, 2004||May 12, 2005||Bea Systems, Inc.||Dynamically configurable distributed security system|
|US20050120231||May 28, 2004||Jun 2, 2005||Fujitsu Limited||Method and system for controlling network connection, and computer product|
|US20050125272||Jan 20, 2005||Jun 9, 2005||Nokia Corporation||Method for validating software development maturity|
|US20050131978||Jul 30, 2004||Jun 16, 2005||Microsoft Corporation||Systems and methods that employ process algebra to specify contracts and utilize performance prediction implementations thereof to measure the specifications|
|US20050138426||Nov 8, 2004||Jun 23, 2005||Brian Styslinger||Method, system, and apparatus for managing, monitoring, auditing, cataloging, scoring, and improving vulnerability assessment tests, as well as automating retesting efforts and elements of tests|
|US20050144471||Dec 31, 2003||Jun 30, 2005||Microsoft Corporation||Protection against runtime function attacks|
|US20050182941||Feb 16, 2004||Aug 18, 2005||Microsoft Corporation||Generic security claim processing model|
|US20050182969||Apr 8, 2005||Aug 18, 2005||Andrew Ginter||Periodic filesystem integrity checks|
|US20050188221||Feb 24, 2004||Aug 25, 2005||Covelight Systems, Inc.||Methods, systems and computer program products for monitoring a server application|
|US20050190769||Jan 28, 2005||Sep 1, 2005||Smith B. S.||System and method for securing remote access to a remote system|
|US20050198332||Dec 30, 2004||Sep 8, 2005||International Business Machines Corporation||Controlling access of a client system to an access protected remote resource|
|US20050198520||Mar 2, 2004||Sep 8, 2005||Bardsley Jeffrey S.||Domain controlling systems, methods and computer program products for administration of computer security threat countermeasures to a domain of target computer systems|
|US20050234926||Apr 11, 2005||Oct 20, 2005||Andrew Warner||Method to support authentication and authorization of web application user to database management system in web server based data-driven applications|
|US20050246716||Jun 23, 2005||Nov 3, 2005||Microsoft Corporation||Application program interface for network software platform|
|US20050246776||Jan 20, 2005||Nov 3, 2005||Microsoft Corporation||Framework for protection level monitoring, reporting, and notification|
|US20050273860||Dec 10, 2004||Dec 8, 2005||Brian Chess||Apparatus and method for developing, testing and monitoring secure software|
|US20050283622||Jun 17, 2004||Dec 22, 2005||International Business Machines Corporation||System for managing security index scores|
|US20050283831||Oct 13, 2004||Dec 22, 2005||Lg N-Sys Inc.||Security system and method using server security solution and network security solution|
|US20060230430||Apr 6, 2005||Oct 12, 2006||International Business Machines Corporation||Method and system for implementing authorization policies for web services|
|US20060236394||Apr 13, 2005||Oct 19, 2006||Mci, Inc.||WAN defense mitigation service|
|US20060265740||Mar 20, 2006||Nov 23, 2006||Clark John F||Method and system for providing user access to a secure application|
|US20060277606||May 23, 2006||Dec 7, 2006||Mamoon Yunus||Technique for determining web services vulnerabilities and compliance|
|US20060282891||Jun 8, 2005||Dec 14, 2006||Mci, Inc.||Security perimeters|
|US20070016955||Aug 2, 2005||Jan 18, 2007||Ygor Goldberg||Practical threat analysis|
|US20070156420||Dec 29, 2005||Jul 5, 2007||Microsoft Corporation||Performance modeling and the application life cycle|
|US20070157156||Dec 29, 2005||Jul 5, 2007||Microsoft Corporation||Information models and the application life cycle|
|US20070157311||Dec 29, 2005||Jul 5, 2007||Microsoft Corporation||Security modeling and the application life cycle|
|US20070162890||May 11, 2006||Jul 12, 2007||Microsoft Corporation||Security engineering and the application life cycle|
|US20070192344||May 11, 2006||Aug 16, 2007||Microsoft Corporation||Threats and countermeasures schema|
|US20070199050||Feb 14, 2006||Aug 23, 2007||Microsoft Corporation||Web application security frame|
|US20070204346||Feb 27, 2006||Aug 30, 2007||Microsoft Corporation||Server security schema|
|US20070289009||May 31, 2007||Dec 13, 2007||Nokia Corporation||Authentication in a multiple-access environment|
|US20080098479||Oct 23, 2006||Apr 24, 2008||O'rourke Paul F||Methods of simulating vulnerability|
|WO2000056027A1||Mar 15, 2000||Sep 21, 2000||Texar Software Corp||Computer security system|
|WO2003101069A1||May 28, 2002||Dec 4, 2003||Grupo S21Sec Gestion S A||Firewalls for securing networks and http applications|
|1||".NET Framework Security", by Meier et al., MIcrosoft Corporation, Jun. 2003.|
|2||"Performance and Scalability of Distributed Software Architectures: An SPE Approach", Smith et al., CiteSeer 2002.|
|3||Adding Application Security. Http://www.technicalinfo.net/opinions/opinion024.html, last accessed on Nov. 15, 2005, 2 pages.|
|4||Brose, Securing Web Services with SOAP Security Proxies, 4 pages, 2003.|
|5||Chadwick, D., Threat Modelling for Active Directory, 10 pages, 2005.|
|6||Connie U. Smith et al., Performance Engineering Evaluation of Object-Oriented Systems with SPE.ED(TM), Computer Performance Evaluation: Modelling Techniques and Tools, No. 1245, Springer-Verlag, Berlin, 1997, 21 pages.|
|7||Connie U. Smith et al., Performance Engineering Evaluation of Object-Oriented Systems with SPE•ED™, Computer Performance Evaluation: Modelling Techniques and Tools, No. 1245, Springer-Verlag, Berlin, 1997, 21 pages.|
|8||Connie U. Smith et al., Software Performance Engineering: A Case Study Including Performance Comparison with Design Alternatives, IEEE Transactions on Software Engineering, Jul. 1993, pp. 720-741,vol. 19, No. 7.|
|9||D Snow and W. Chang, Network security, 1992.|
|10||Desmet, L., et al, Threat Modelling for Web Services Based Web Applications, 14 pages, 2005.|
|11||*||Devanbu et al. "Software Engineering for Security: a Roadmap" ACM 2000.|
|12||Dunn, M., Cyber-Threats and Countermeasures Towards an Analytical Framework for Explaining Threat Politics in the Information Age, Aug. 2004, 35 pages.|
|13||FortiGateTM Series of ASIC-accelerated multi-threat security systems. Http://www.fortinet.com/products/, 2006.|
|14||*||Fox "Performance Engineering as a Part of the Development Life Cycle for Large-Scale Software Systems".|
|15||Gerald A. Marin, Network security basics, Basic Training, IEEE Security & Privacy, Published by the IEEE Computer Society, Nov./Dec. 2005. http://ieeexplore.ieee.org/search/srchabstract.jsp?Amumber=1556540&isnumber=33104&punumber=8013&k2dockey=1556540@ieeejms&query=%28network+security%29%3Cin%3Emetadata&pos=6.|
|16||Hondo, et al., Securing Web Services: 2002, 12 pages.|
|18||J.D Meier, et al., Threat Modelling Web Applications, May 2005. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/tmwa.asp, last accessed on Nov. 15, 2005, 6 pages.|
|19||Jian Tao, et al., The research on dynamic self-adaptive network security model based on mobile agent, National Engineering Research Center for Computer Software, 308 Mailbox of Northeastern University, Shen yang, 110006, China. Http://ieeexplore.ieee.org/search/srchabstract.jsp?amumber=885909&isnumber=19142&punumber−7108&k2dockey=885908@ieeecnfs@query=%28network+security, 2000.|
|20||Jian Tao, et al., The research on dynamic self-adaptive network security model based on mobile agent, National Engineering Research Center for Computer Software, 308 Mailbox of Northeastern University, Shen yang, 110006, China. Http://ieeexplore.ieee.org/search/srchabstract.jsp?amumber=885909&isnumber=19142&punumber-7108&k2dockey=885908@ieeecnfs@query=%28network+security, 2000.|
|21||Jon Oltsik, Information Security Brief, Apr. 2005, accessible at http://www.appsecinc.com/news/APPSECINC-April. Pdf, 3 pages.|
|22||Jon Oltsik, Information Security Brief, Apr. 2005, accessible at http://www.appsecinc.com/news/APPSECINC—April. Pdf, 3 pages.|
|23||Joshi, et al., Security models for Web-based applications; 2001, 7 pages.|
|24||Kudo, et al., XML Document Security Based on Provisional Authorization; 2000; 10 Pages.|
|25||L. Liu et al., Security and Privacy Requirements Analysis within a Social Setting, Proceedings of the 11th IEEE Joint International Congerence on Requirements Engineering (RE), Sep. 8-12, 2003, pp. 151-161.|
|26||Meier, J. et al., Chapter 2-Threats and Countermeasures: Improving Web Application Security; Jun. 2003, 22 Pages; http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/THCMCh02.asp; last viewed May 1, 2006.|
|27||Meier, J. et al., Chapter 2—Threats and Countermeasures: Improving Web Application Security; Jun. 2003, 22 Pages; http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/THCMCh02.asp; last viewed May 1, 2006.|
|28||Meier,J.D., et al.; Cheat Sheet: Web Application Security Frame; May 2005; 6 pages; http://msdn.microso ft.com/1ibrary/default.asp?url=/library/en-us/dnpag2/htmlTMWAcheatsheet.asp.|
|29||Meier,J.D., et al.; Improving Web Application Security: Threats and Countermeasures; Jun. 2003; 6 pages; http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/ThreatCounter.asp last viewed Mar. 29, 2005.|
|30||Meier,J.D., et al; Patterns and Practices Security Deployment ReviewIndex; Aug. 2005; 2 pages; http://msdn.microsoft.com/1ibrary/en-us/dnpag2/html/SecurityDeploymentReviewIndex.asp. Last viewed Mar. 29, 2005.|
|31||Meier,J.D., et al; Patterns and Practices Security Index; Aug. 2005; 5 pages; http://msdn.microsoftcom/library/default.asp?url=/library/en-us/dnpag2/html/securityengindex.asp.|
|32||Meier,J.D., et al; Patterns and Practices Web Application Security Engineering Index; Aug. 2005; 4 pages; http://msdn.microsoft.com/1ibrary/default.asp?url=/library/en-us/dnpag2/html/WebAppSecurityEngIndex.asp last viewed Mar. 29, 2005.|
|33||Meier,J.D., et al; Security Engineering Explained; 2205; 51 pages.|
|34||Microsoft Corporation; Patterns and Practices Security Engineering Explained; Oct. 2005; 4 pages; http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/scccngexplained.asp.|
|35||MSDN. "Chapter 1-Fundementals of Engineering for Performance" http://msdn.microsoft.com/library/en-us/dnpag/html/scalenetchapt01.asp?frame=true last viewed Dec. 1, 2006, 9 pages.|
|36||MSDN. "Chapter 1—Fundementals of Engineering for Performance" http://msdn.microsoft.com/library/en-us/dnpag/html/scalenetchapt01.asp?frame=true last viewed Dec. 1, 2006, 9 pages.|
|37||Notice of Allowance dated Jan. 29, 2010 cited in U.S. Appl. No. 11/363,142.|
|38||OA dated Dec. 5, 2008 for U.S. Appl. No. 11/321,818 18 pages.|
|39||Office Action dated Apr. 2, 2009 cited in U.S. Appl. No. 11/363,142.|
|40||Office Action dated Apr. 28, 2010 cited in U.S. Appl. No. 11/321,153.|
|41||Office Action dated Apr. 28, 2010 cited in U.S. Appl. No. 11/382,858.|
|42||Office Action dated Aug. 4, 2009 cited in U.S. Appl. No. 11/382,858.|
|43||Office Action dated Dec. 9, 2009 cited in U.S. Appl. No. 11/321,818.|
|44||Office Action dated Feb. 11, 2008 cited in U.S. Appl. No. 11/321,153.|
|45||Office Action dated Jan. 11, 2010 cited in U.S. Appl. No. 11/382,858.|
|46||Office Action dated Jan. 7, 2010 cited in U.S. Appl. No. 11/382,857.|
|47||Office Action dated Jun. 22, 2009 cited in U.S. Appl. No. 11/353,821.|
|48||Office Action dated Jun. 23, 2008 cited in U.S. Appl. No. 11/321,818.|
|49||Office Action dated Mar. 19, 2008 cited in U.S. Appl. No. 11/382,857.|
|50||Office Action dated Mar. 2, 2010 cited in U.S. Appl. No. 11/321,425.|
|51||Office Action dated Mar. 24, 2009 cited in U.S. Appl. No. 11/321,818.|
|52||Office Action dated Mar. 6, 2009 cited in U.S. Appl. No. 11/321,153.|
|53||Office Action dated Mar. 6, 2009 cited in U.S. Appl. No. 11/382,857.|
|54||Office Action dated May 15, 2009 cited in U.S. Appl. No. 11/321,425.|
|55||Office Action dated Nov. 10, 2009 cited in U.S. Appl. No. 11/353,821.|
|56||Office Action dated Nov. 25, 2009 cited in U.S. Appl. No. 11/321,425.|
|57||Office Action dated Oct. 17, 2008 cited in U.S. Appl. No. 11/382,857.|
|58||Office Action dated Sep. 10, 2009 cited in U.S. Appl. No. 11/363,142.|
|59||Office Action dated Sep. 14, 2009 cited in U.S. Appl. No. 11/321,153.|
|60||*||Papaefstathiou, "Design of a Performance Technology Infrastructure to Support the Construction of Responsive Software" Microsoft Sep. 26, 2000.|
|61||*||Papaefstathiou, "Design of a Performance Technology Infrastructure to Support the Construction of Responsive Software".|
|62||Patterns and Practices Security Engineering Explained; 2 pages; http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/scccngexplained.asp; last viewed Mar. 29, 2005.|
|63||R. Crook et al., Security Requirements Engineering: When Anti-Requirements Hit the Fan, Proceedings of the IEEE Joint International Conference on Requirements Engineering(RE'02), IEEE Computer Society, 2002, 3 Pages.|
|64||Security in a Web Services World: a Proposed Architecture and Roadmap, Apr. 7, 2002. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwssecur/html/securitywhitepaper.asp, last accessed on Nov. 15, 2005, 20 pages.|
|65||Simonetta Balsamo et al., Deriving Performance Models from Software Architecture Specifications, viewed at http://www.dsi.unive.it/~balsamo/saladin/bal-sim.2.01.pdf, 6 pages.|
|66||Simonetta Balsamo et al., Deriving Performance Models from Software Architecture Specifications, viewed at http://www.dsi.unive.it/˜balsamo/saladin/bal-sim.2.01.pdf, 6 pages.|
|67||Smith, Designing High-Performance Distributed Applications Using Software Performance Engineering: A Tutorial. Performance Engineering Services 1996.|
|68||Stephen S. Yau, An Integrated Life-Cycle Model for Software Maintenance, IEEE Transactions on Software Engineering, Aug. 1988, pp. 1128-114, vol. 14, No. 8.|
|69||Tadashi Ohta and Tetsuya Chikaraishi, Network security model, ATR Communication Systems Research Laboratories, 2-2, Hikaridai, Seika-cho, Soraku-gun, Kyoto 619-02, Japan. Http://ieeexplore.ieee.org/search/srchabstract.jsp?Amumber=515640&isnumber=11283&punumber=3866&k2dockey=515640@ieeecnfs&query=%28network+security%, 2002.|
|70||U.S. Appl. No. 11/321,425, filed Jul. 21, 2010, Office Action.|
|71||U.S. Appl. No. 11/353,821, filed Jul. 30, 2010, Notice of Allowance.|
|72||U.S. Appl. No. 11/382,858, filed Sep. 2, 2010, Office Action.|
|73||*||Verkamo et al. "Measuring Design Diagrams for Product Quality Evaluation".|
|74||Wiederhold "The Roles of Artificial Intellignece in Information Systems", Hounal of Intelligent Information Systems. 1992.|
|75||Wiederhold, The Roles of Artificial Intelligence in Information Systems. Journal of Intelligent Information Systems. 1992.|
|Citing Patent||Filing date||Publication date||Applicant||Title|
|US8312549 *||Aug 2, 2005||Nov 13, 2012||Ygor Goldberg||Practical threat analysis|
|US8566074 *||May 19, 2009||Oct 22, 2013||International Business Machines Corporation||Mapping between stress-test systems and real world systems|
|US20070016955 *||Aug 2, 2005||Jan 18, 2007||Ygor Goldberg||Practical threat analysis|
|US20090327971 *||Dec 31, 2009||Microsoft Corporation||Informational elements in threat models|
|US20100299129 *||May 19, 2009||Nov 25, 2010||International Business Machines Corporation||Mapping Between Stress-Test Systems and Real World Systems|
|US20110231582 *||Oct 13, 2008||Sep 22, 2011||Mustafa Uysal||Trend determination and identification|
|U.S. Classification||703/22, 703/6, 703/1|
|Cooperative Classification||G06F2201/86, G06Q10/06, G06F11/3442, G06F11/3447|
|Jul 11, 2006||AS||Assignment|
Owner name: MICROSOFT CORPORATION, WASHINGTON
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:MEIER, JOHN D.;VASIREDDY, SRINATH;REEL/FRAME:017910/0254
Effective date: 20060425
|Jul 26, 2011||CC||Certificate of correction|
|Jul 25, 2014||FPAY||Fee payment|
Year of fee payment: 4
|Dec 9, 2014||AS||Assignment|
Owner name: MICROSOFT TECHNOLOGY LICENSING, LLC, WASHINGTON
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MICROSOFT CORPORATION;REEL/FRAME:034542/0001
Effective date: 20141014